What is the threat?
On Friday, March 1st, Google released an update to patch a vulnerability in its Chrome browser. The vulnerability is currently being exploited in the wild and is a use-after-free flaw in the browser’s FileReader API. This programming interface is designed to allow Chrome to access and read locally stored files. Users simply interacting with a maliciously-designed webpage are vulnerable to their freed memory via the Chrome FileReader API being accessed by cyber attackers in order to execute arbitrary code, totally take over the device, or to trigger a denial-of-service hit.
Why is this noteworthy?
What is most notable in regards to this vulnerability is that it is exploitable for all versions of Google Chrome prior to 72.0.3626.121. This particular attack vector is somewhat different from past Chrome-Related exploits in how it does not utilize the plugin, Adobe Flash. Because it targets the browser directly, user initiative will need to be taken: The browser will have to be restarted in order for the downloaded update to take effect.
What is the exposure or risk?
Being able to take control of one’s device through the Chrome browser is dangerous, especially for individuals who tend to leave their applications running. Many users will leave Chrome and their tabs opened for days or weeks without restarting or closing the browser. Having devices compromised by malicious actors executing arbitrary code and taking advantage of users’ negligence can be heavily detrimental to a business’ digital integrity.
What can you do?
Considering that many individuals and businesses work with the Google Chrome browser (about 62% of browser users as of February 2019), it is highly recommended that users confirm that their version of Chrome is: “72.0.3626.121” and that they restart the application.
For more in-depth information about the recommendations, please visit the following link:
If you have any questions, please contact our Secure Intelligence Center.